Machine learning enhances data protection

Mar 16, 2017

Kaspersky Lab has released Kaspersky Fraud Prevention Cloud, a new solution for organisations facing risks from fraudulent activity via fast-growing online services.
In addition to fraud prevention solutions for endpoints and mobile devices within Kaspersky Fraud Prevention platform, the new product features a set of cloud-based technologies designed to give banks, financial institutions, loyalty schemes providers and government agencies protection against fraudsters. These include a global device reputation database, device and environmental analysis, behavioural analysis and biometrics, and clientless malware detection.
With the rise of online and mobile banking, organisations need to fight fraud and money laundering while also ensuring protection for their users. For example, according to the Financial Institutions Risks Survey 2016, conducted by B2B International and Kaspersky Lab, one in four customers of banks have been a victim of financial fraud in the last year. The new fraud prevention offering from Kaspersky Lab delivers multi-channel protection for both organisations and users, resulting in reduced losses from fraud and controlled prevention costs.
The solution incorporates advanced technologies to improve the visibility and detection of suspicious activity without undermining the user experience. Behavioural analysis and biometrics help to identify whether a person is real, without any additional actions or procedures required by the user. Behaviour is analysed through mouse movements, clicks, scrolls, keystrokes on PCs, and accelerometer/gyroscope position and gestures (touch, swipes and etc.) on mobile devices.
Kaspersky Fraud Prevention Cloud accumulates and analyses user behaviour, device, environment and session information as anonymised and depersonalised big data in the cloud, making it available to expert forensics and automatic offline analysis. This new information feeds into an organisations internal Enterprise Fraud Management system, which enables proactive fraud detection in real time, even before a transaction occurs. This approach is based on Humachine intelligence by Kaspersky Lab — a combination of big data and threat research analysis with machine learning algorithms and the expertise of the company’s best security teams.
Risk Based Authentication (RBA) assesses the risks before a user is logged into a digital channel, providing decisions to internal back-end systems on whether to proceed, request additional authentication information or block access until further verification. This feature improves usability for ‘legitimate users’ by decreasing the number of authentication stages, while the ‘unauthorised users’ are detected before they commit any fraudulent activity.
Continuous Session Anomaly Detection also helps to maximise fraudulent detection by identifying account takeover, new account fraud, money laundering, automated tools or any suspicious processes that occur during the session. As such, Kaspersky Fraud Prevention Cloud acts not only during the login process, but also during the whole session, building statistical models of various behavioural patterns with the help of machine learning technologies.
Clientless malware detection as part of Kaspersky Fraud Prevention Cloud combines direct and proactive detection techniques. The first identifies whether a customer’s device is used to directly attack a particular organisation’s digital services. The second helps to identify malware that is not affecting the organisation directly but may potentially be adapted for this purpose in the future. This helps a company to minimise risks and avoid losses of an actual attack when one occurs.
“Within our Fraud Prevention team, we have a dedicated group of experts — our Fraud Research and Analysis Group — that provides support to clients in mitigating fraud risks, conducting forensics of fraud incidents, and controlling fraud prevention costs. Relying on our expertise, we offer consulting and incident response services for highly complicated fraud attacks. This expertise feeds into our cloud solution, improving it and ensuring it is ready to help our clients fight the constantly evolving threats and fraud tactics;” said Alexander Ermakovich, head of fraud prevention at Kaspersky Lab.